wordpress -- cross-site scripting vulnerability

2015-04-27T00:00:00
ID BA4F9B19-ED9D-11E4-9118-BCAEC565249C
Type freebsd
Reporter FreeBSD
Modified 2015-09-15T00:00:00

Description

Gary Pendergast reports:

WordPress 4.2.1 is now available. This is a critical security release for all previous versions and we strongly encourage you to update your sites immediately. A few hours ago, the WordPress team was made aware of a cross-site scripting vulnerability, which could enable commenters to compromise a site. The vulnerability was discovered by Jouko Pynnöne.